O'Reilly logo

Memory Dump Analysis Anthology, Volume 7 by Dmitry Vostokov

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Last Activity

Sometimes we need to analyze the last activity before Significant Event (Volume 5, page 281) or Discontinuity (Volume 4, page 341). By this pattern we mean a loose semantic collection of messages before process exit, for example. This might give some clues to further troubleshooting. In one incident a process was suddenly exiting. Its own detailed trace didn't have any messages explaining that probably due to insufficient tracing coverage (Sparse Trace, page 303). Fortunately, a different external trace (from Process Monitor) was collected (Inter-Correlation, Volume 4, page 350) and it had LDAP network communication messages just before thread and process exit events.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required